<?php
$user = $_SESSION["adminLoggedUserName"];
$operation = $_POST["operation"];

if ($operation == "reorder")
{
	$operationName = "Reordenación";
	$positions = $_POST["positions"];
	foreach ($positions as $id => $position) {
		$query = "UPDATE faq SET modified = NOW(), modifiedBy = '$user', position = '$position' WHERE id = '$id'";
		if (!$db->runQuery($query)) {
			echo "ko|Error de MySQL: ".$db->getErrorDescription();
			exit;
		}
	}
}
else
{
	$position = $_POST["position"];
	$question = $db->escapeString(utf8_decode($_POST["question"]));
	$answer = $db->escapeString(utf8_decode($_POST["answer"]));

	switch ($operation)
	{
		// Add
		case "add":
			$operationName = "Inserción";
			$query = "INSERT INTO faq (created, createdBy, question, answer, position) VALUES (NOW(), '$user', '$question', '$answer', '$position')";
			break;
		// Edit
		case "edit":
			$operationName = "Modificación";
			$query = "UPDATE faq SET modified = NOW(), modifiedBy = '$user', question = '$question', answer = '$answer', position = '$position' WHERE id = '".$_POST["id"]."'";
			break;
		// Default
		default:
			echo "ko|No se ha especificado ninguna operación.";
			exit;
	}

	if (!$db->runQuery($query)) {
		echo "ko|Error de MySQL: ".$db->getErrorDescription();
		exit;
	}
}

echo "ok|".$operationName." correcta.";
exit;
?>
